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@ Access controlled device for rendering services. 

(57) The present invention relates to a device (10) 
for /endering services such as for example 
telephone communication, data communi- 
cation and so on composing a terminal unit (1) 
and an access unit (2), the terminal unit (1) 
comprising terminal unit identification means 
(PI NIJ which are stored in the terminal unit and 
the access unit comprising first access identifi- 
cation means (I MSI) in the form of a code or 
similar, terminal unit (1) as well as an access 
unit (2) being lockable. In the terminal unit are 
furthermore first access identification means 
for a given number of access units (SIM) stored 
wherein upon starting up of the device involving 
contact between terminal unit (1) and actual 
access unit (SIM) (2) with a certain access unit 
identification means (IMSIJ, the code of the 
identification means (IMSIJ of the access unit 
(2) is compared to in the terminal unit (1) stored 
codeAs for first access identification means 
(IMSIJ in the terminal unit, correspondence 
between stored access identification means 
(IMSIJ and actual access unit identification 
means (IMSIJ leading to locking up of the 
terminal unit whereas non-correspondence be- 
tween stored and actual access unit identifi- 
cation means (IMSI 8 ^ IMSIJ respectively at 
least the terminal unit identification code (PINJ 
must be given. 
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TECHNICAL RELD: 

The present invention relates to an arrangement for rendering services as stated in the first part of claim 
1 . Similar devices may under a lot of circumstances easily be abused and are very attractive to steal which 

5 might have serious consequences. This is the case as well if e.g. the access units are not lockable or are not 
locked as well as if the terminal unit is not lockable or is not locked so that they merely can be used by users 
who really should have access to the one or the other of the units. This is e.g. the case with mobi le telephones 
where the subscription is not related to a particular mobi I e telephone or terminal unit but is related to a separate 
card. Therethrough a terminal unit or a telephone may be used with any card. If on the other hand the access 

10 unit, or the card, is not locked, anyone may use the card and therethrough also charge the subscription. One 
way to solve this problem, i.e. to protect the terminal unit as well as the access unit is to implement a "lock" in 
the terminal unit as well as in the access unit wherethrough a user has to enter a code to "unlock" the terminal 
unit and a further code to lock up" the card and thus get access to the subscription. This however is tedious 
since two different codes have to be entered each time upon use which is very inconvenient, among others 

15 since it is difficult to remember the increasing number of codes which are necessary in the society and also 
because it is annoying each time, which may be a large number of times, having to enter two codes. It is there- 
fore very probable that the user inactivates one or the other of the codes or in the worst case both identification 
codes in order to be able to get a quick access to his phone whereby the user runs the risk that the device, or 
one of the units comprised by the device or arrangement, are abused or stolen. 

20 

STATE OF THE ART: 

Devices as referred to above are known but as mentioned above they suffer the drawback that either two 
different codes have to be entered upon every activation of the terminal or it is not bothered to lock e.g. the 

25 terminal, but also in some cases, the card or the access unit This is for example the case with the digital GSM- 
system. In this system the subscription is on a separate so called SIM-card (Subscriber Identity Module). In 
this case the terminal unit, or the telephone, is very attractive for stealing since the SIM-card which should 
have access to the telephone simply can be exchanged through another SIM-card and therethrough the tele- 
phone may be used freely by users who should not have access to the, in this case, telephone. This is partic- 

30 ularfy the case when the terminal units are intended to be used by a particular user or a particular group of 
users or when the terminal quite simply is stolen. In the he known device the access unit, or the SIM-card, 
comprises a so called PIN-code (Personal Identification Number) whereas the terminal unit, or the telephone, 
in turn comprises another PIN-code so that in order to get a full protection of terminal unit (telephone) as well 
as access unit (card), both codes must be entered at every activation of the terminal unit or the telephone. 

35 This leads consequently to a very awkward handling of the device. 

On the other hand, in known analogue mobile telephone systems the subscription is programmed into the 
telephone terminal. This is done with special equipment and is handled by authorized personnel which is picked 
out and controlled by the operator, therefore the same problems do not arise in this case. 

40 BRIEF DESCRIPTION OF THE INVENTION: 

The object of the present invention is to provide an arrangement for rendering services wherein a terminal 
unit as well as an access unit are safe against thefts and may not easily be abused at the same time as the 
device is easy to use and in the normal case do not require a double entering of codes and wherein particularly 
45 advantageous no entering or giving of codes at all is necessary to give the owner or the prioritized user access 
to the device without the device therefore getting less safe or protected against thefts. A further object with 
the invention is to provide an arrangement which permits fast and easy access and wherein the simplified 
access may be given to one or more users depending on what is desired. 

An arrangement through which these as well as other objects are achieved is given by the characteristics 
so of the characterizing part of claim 1. 

A further object with the invention is particularly to, if so desired, enable to render information about iden- 
tification number (for example telephone number) or codes belonging to access units which have been ac- 
ceded simplified access. This object is achieved through the characteristics as given in claim 14. 

Further preferred embodiments are given by the characteristics in the further subclaims. 

55 

BRIEF DESCRIPTION OF THE DRAWINGS: 

The invention will in the following be further described with reference to the drawings in an explanatory 
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and by no means limiting way, wherein 

Fig. 1 schematically illustrates a terminal unit and an access unit in the form of a telephone with a card, 
Fig. 2 schematically illustrates an example of a flow diagram with steps which are gone through upon ac- 
tivation of the terminal for "locking up* of terminal unit as well as access unit (in the illustrated case 
5 a telephone and a card). 

DETAILED DESCRIPTION OF THE INVENTION: 

In the embodiment shown in Fig. 1 a device or an arrangement 1 0 is shown wherein the terminal unit corn- 
to prises a mobile telephone 1 and the access unit comprises an electronical card 2 comprising the subscription. 
The device furthermore comprises a push button means 5 t a memory 3 and a micro processor unit 4. In the 
display 6 among others telephone numbers are shown. In the shown embodiment the device refers to the cel- 
lular so called GSM-mobile telephone system, particularly the CME 20-system (Ericsson). In this context it is 
also referred to recommendation GSM 11 .11 . In the shown embodiment the card 2 with an electronical memory 

15 comprises a so called SIM-card (Subscriber Identity Module) further described in Recommendation GSM 
02.17 which contains the information which unambiguously identifies the subscriber. In the SIM-card 2 the so 
called IMSI-code (International Mobile Subscriber Identity) is stored. A mobile station, MS, which for example 
may be a station mounted on a vehicle, a portable station or a hand carried station, may only be used if a 
valid IMSI-code is present. In the cases when the terminal unit or the telephone 1 is not locked or secured by 

20 a so called EIR-register (Equipment Identity Register) (not yet in use) which in one way can be seen as a dif- 
ferent alternative to the present invention as theft protection is concerned, it would be easy to abuse or steal 
the terminal unit or the telephone 1. Upon starting up or activation of the telephone 1, the telephone 1 and 
the SIM-card 2 communicate with each other. The IMSI-code for the SIM-card(-s) 2 is (are) to be stored in a 
memory in the phone, e.g. in an EEPROM-storage. The IMSI-code may then be stored in a number of different 

25 ways which are known per se, e.g. the whole of it, partly, non-ciphered or ciphered or random numbered gen- 
erated with calculation of rest or any other method. The storing may take place either automatically or manually. 
According to an advantageous embodiment of the invention it is possible to, apart from storing of the identity 
of the own SIM-card, i.e. its IMSI-code, also store the IMSI-codes of a number of other SIM-cards which should 
have a simplified or prioritized access to the terminal unit or the telephone 1. 

30 Particularly under reference to the flow diagram of Fig. 2 in the following the sequence will be described 

wherein, after one or more IMSI-codes have been stored in a storage of a terminal unit as well as possibly 
also PINt and PIN c -codes, the terminal is activated or started up wherein a number of different possibilities 
are possible depending on the actual IMSI-code having been stored or not 

Upon activation of the telephone, wherein either a card already is present in the telephone 1 or a new one 

35 has been introduced, the actual IMSI c -code is sent to the telephone 1 (according to the GSM-recommendation) 
via the microprocessor 4, as stated above, where it is compared to in the telephone 1 stored IMSI^codef-s). 
If IMSIc corresponds to any IMSI s -code which has been stored in the telephone 1, the telephone is started up 
without requiring any further measure to be taken or without asking for any further code. If on the other hand 
the codes do not correspond the telephone 1 demands a PI N r code for the terminal unit or the telephone 1. 

40 Thus, on every occasion of activation of the telephone 1, in the memory 3 stored code(-s) (IMSl^J are 
compared with the received code (IMSIJ of the actual SIM-card. A so called PIN-code for the SIM-card may 
likewise be stored in the storage 3 in a way similar to that of the IMSI-code(-s). In the storage 3 of the terminal 
unit (telephone) are apart from one or more IMSI-codes also a PINt, i.e. a Personal Identification Number for 
the terminal, is stored. According to different embodiments may furthermore PI N c of those cards whose IMSI C - 

45 code(-s) have been stored, be stored therein as well as a telephone number for the corresponding subscription. 
This is however dependent on desires and requirements and provisions and merely shows advantageous em- 
bodiments. Now returning to the case wherein the actual IMSIc-code does correspond to the stored IMSI S - 
code and the terminal is locked up. Thereafter is investigated if the actual PIN c -code of the card is stored. If 
this is the case, the PIN c -code of the actual card is picked up from the memory 3 whereupon it is transmitted 

so to the card 2 which thereafter is locked up and then the telephone 1 as well as the card (access unit) 2 are 
unlocked and the device 10 is as far as locking is concerned ready to be used or open for communication. In 
this case, consequently, is not required the entering of any code by the user. (If PIN C is stored (and activated), 
this code is requested and will then have to be entered or given). 

if however the actual IMSI c -code does not correspond to any stored IMSI,-code the terminal unit 1 or the 

55 telephone 1 requests a PI N r code for the terminal. When this code is given the terminal 1 is unlocked. There- 
after is asked if the PIN c -code for the card is activated. If not, the card is unlocked and thus was not locked. 
If yes, the PINc-code is requested and when this is given, the card is locked up and the device is ready to be 
used as far as locking is concerned. If on the other hand the actual IMSI-code has corresponded to a stored 
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IMSI 8 -code it is also possible that the PIN c -code of the actual card has not been stored. The terminal is in this 
case, as already mentioned above, already unlocked. Then is examined if any PIN c -code for the card is acti- 
vated. If yes, this is given whereupon the card is locked up. If not, the card consequently has not been locked 
and is therefore unlocked and the device is ready to be used as far as locking is concerned. Thus it is possible 
5 for an authorized user, i.e. a user who should have access to telephone as well as to card not to enter any 
code at ail but that the card as well as the terminal are unlocked automatically. If however the actual IMSI C - 
code has not been stored in the terminal it is possible to get access by entering PIN-codes for terminal and 
card. Eventually these codes could be associated with each other and for example consist of one and the same 
code. 

10 According to a preferred embodiment at least one IMSI c -code as well as also PIN-codes for card as well 
as for terminal are stored in the memory. To avoid the storage of the PIN-code of the card it might also be 
possible, as mentioned above, to associate this with the PIN-code of the terminal. According to a preferred 
embodiment is however the PIN c -code of the card stored in a ciphered form in the memory 3. 

The cards may for example comprise cards with an electronical memory but also cards with a magnetical 

15 memory or other alternatives are possible. 

According to a preferred embodiment it is possible, in case the IMSI c -code of an actual card is stored in 
the memory 3 of the terminal 1 , to show for example the telephone number of the actual subscription or the 
SIM-card which can be useful since this in no other way is visible. Then it is examined, after unlocking of the 
card, if the telephone number of the card is stored in the terminal. If this is the case, it is picked up from the 

20 memory and is shown on the display 6. If the telephone number is not stored in the terminal it is examined if 
the telephone number is stored in the card. If this is the case, the telephone number is picked up from the mem- 
ory and is also shown on the display 6. If the telephone number is not stored, no display takes place. The display 
of telephone numbers is advantageous since the telephone number in no other way is visible, neither on the 
terminal unit or on the card and if a user for example has several cards it may be difficult to remember the 

25 number as it often is difficult to remember the own number. This is the case both if one or more telephone 
numbers is/are connected to stored IMSI-codes. 

It is furthermore possible to carry out the storage of different codes (IMSI, PIN) in the memory 3, either 
manually or automatically. With manual storing it could for example be effected by a so called push button de- 
vice 5 or similar. Furthermore, it should be possible to change stored codes as well as to delete codes or add 

30 codes. 

The invention shall of course not be limited to the shown embodiments and does not have to be a mobile 
telephone but it is related to every device rendering services, e.g. devices for data communication or others 
comprising a terminal unit and an access unit which e.g. may comprise a subscription or similar and where it 
is desirable to secure the units forming part of the device against theft and abuse. A device may also comprise 
35 more than two units. The invention should not be limited to the shown embodiments but can be freely varied 
within the scope of the claims. 



Claims 

40 

1. Arrangement (10) for rendering services such as telephone communication, data communication, etc, 
comprising a terminal unit (1) and an access unit (2), the terminal unit (1) comprising terminal unit iden- 
t if icat ion means (PINJ being stored in the terminal unit (1 ) and the access unit (2) comprising first access- 
unrt-identif ication means (IMSI) in the form of a code or similar, terminal unit (1) as well as access unit 

45 (2) being lockable, characterized in that, in the terminal unit are furthermore stored first access-unit-iden- 

tif ication means (IMSIsj} for a given number (n) of access units (2) (SIM), whereupon starting up of the 
arrangement involving contact between the terminal unit (1) and an access unit (SIM) (2) with a certain 
access-unit-identification means (IMSIJ, the code of the identification means (IMSIJ of the access unit 
(2) is compared with in the terminal unit stored code(-s) for access-unit-identification means (IMSI^j), 

50 wherein correspondence between stored access-unit-identification means (IMSIgj) and actual access- 

unit- identification means (IMSIJ leads to locking up of the terminal unit (1) whereas upon non-correspon- 
dence between stored and actual access-unit-identification means at least the terminal-unit-identifica- 
tion code (PINO is to be given. 

55 2. Arrangement according to claim 1, characterized in that the second access-unit identification means 
(PINc) of the access unit (SIM) (2) may be activated or inactivated. 

3. Arrangement according to claim 2, characterized in that if stored first access-unit-identification code (IM- 



4 



EP0 607 767 A1 



10 



15 



35 



55 



S\^) does not correspond with actual access-identification code (IMSIJ and the second access unit iden- 
tification means are activated and comprises a code (PINJ, this has to be given for locking up or activation 
of the access unit (SIM) (2). 

4. Arrangement according to claim 3, characterized in that this code (PINJ is given manually by the user. 

5. Arrangement according to claim 1 or 2, characterized in that also second access unit identification 
means (PINc) are stored in the terminal unit (1), the terminal unit upon correspondence between stored 
and actual access-identification-code (IMSI 8 = IMSIJ automatically transferring the second identification 
means (PINJ to the access unit (2) so that the arrangement (10) may be used without the second access 
unit identification code (PINc) having to be given by the user. 

6. Arrangement according to claim 2, characterized in that if the second access unit identification means 
(PINJ has not been stored and that upon correspondence between in the terminal unit (1) stored first 
access-unit-identification means (IMSIsj) and the actual access-unit-identification means (IMSy, the ac- 
cess unit (2) is locked up by entering of (PINJ. 



7. Arrangement according to anyone of claims 1 or 2, characterized in that upon non-correspondence be- 
tween stored and actual access-identification code (IMSI C * IMSI,) terminal unit (1) as well as access 
unit (2) are locked up by giving one of the terminal identification code (PINO or the second access-unit- 

20 identification code (PINJ 

8. Arrangement according to anyone of claims 1-4, 6, characterized in that upon non-correspondence be- 
tween actual and any stored access-identification-code (IMSIJ * IMSI S ) terminal identification code 
(PINO as well as second access identification code (PINc) have to be given. 

25 

9. Arrangement according to anyone of the preceding claims, characterized in that the terminal unit (1) com- 
prises a mobile telephone. 

10. Arrangement according to anyone of the preceding claims, characterized in that the access unit (2) com- 
3Q prises a card e.g. with an electronical or a magnetical memory. 

1 1 . Arrangement according to claim 1 0, characterized in that the access unit (2) comprises a SIM-card (Sub- 
scriber Identity Module) defining the subscription of the mobile telephone (1). 



12. Arrangement according to anyone of the preceding claims, characterized in that the first access-unit- 
identification code (IMSIcj) for at least one subscription which should have access to the telephone unit 
(1) or the terminal unit is stored in the terminal unit, said identification code for example being stored in 
a EEPROM- memory in a manner known per se, as a whole, partly, ciphered, random number generated 
with rest and so on. 

40 13. Arrangement according to clai m 1 2, characterized in that furthermore one or several further access-unit- 
identification codes (PINd) are stored in a memory in the terminal unit (1) for example as a whole, partly 
or ciphered in any per se known way. 

14 Arrangement according to claim 13, characterized in that at least one second identification code (PIN^t) 
45 is stored ciphered in a memory in the terminal unit (1). 

15. Arrangement according to any one of the claims 12-14, characterized in that the storage of the first ac- 
cess-identification-code (IMSI,) takes place automatically. 

so 16. Arrangement according to any one of claims 12-14, characterized in that the storage of the first access- 
identification-code (IMSI 8 ) takes place manually, for example via a push button device (5) or similar. 

17. Arrangement according to any one of the claims 12-16 characterized in that at least one second access- 
identification-code (PINJ is stored in a memory in the terminal unit (1) in a way which is essentially ana- 
logue to the storing of the first access identification code (IMSI 8 ). 



18. Arrangement according to any one of claims 9-17 characterized in that at least one to at least one access 
unit (2) belonging telephone number is stored, either in a terminal storage or in a storage in the card so 
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that this is picked up from said storage and shown on a display (6) when the arrangement (1 0) is unlocked. 
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